<?php
/*
 * PHP Handler for ajax form post: Custom WordPress Login
 *
 */

require('../../../../../wp-blog-header.php'); // Very Important, this loads our wordpress inviroment


if ( $_POST ) {

	//We shall SQL escape all inputs
	global $wpdb;
	$username = $wpdb->escape($_REQUEST['wpbootstrap_username']);  
	$password = $wpdb->escape($_REQUEST['wpbootstrap_password']);  
	$remember = $wpdb->escape($_REQUEST['rememberme']);

	if ($remember) $remember = "true";
	else $remember = "false";
	$login_data = array();
	$login_data['user_login'] = $username;
	$login_data['user_password'] = $password;
	$login_data['remember'] = $remember;
	$user = wp_signon( $login_data, false ); // SET TO TRUE TO FORCE A SECURE SIGNON WHEN USER GOES TO WORDPRESS BACKEND

	if ( is_wp_error($user) ) {
		echo $user->get_error_message();
		exit();
	} else { ?>
        <li class="dropdown">
            <a href="#" class="dropdown-toggle" data-toggle="dropdown">
                Welcome <?php print_r($user->data->display_name); ?>
                <span id="userAvatar"><?php echo get_avatar( $user->data->ID, 25 ); ?></span>
            </a>
            <ul class="dropdown-menu">
                <li><a href="<?php echo wp_logout_url( get_permalink() ); ?>" title="Logout">Logout</a></li>
            </ul>
        </li>
		<?php exit();
	}
	
}

?>